English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.811283
Categoría:Windows : Microsoft Bulletins
Título:Microsoft Windows Multiple Vulnerabilities (KB4034674)
Resumen:This host is missing a critical security; update according to Microsoft KB4034674
Descripción:Summary:
This host is missing a critical security
update according to Microsoft KB4034674

Vulnerability Insight:
Multiple flaws exist due to:

- An error when Microsoft Edge improperly handles objects in memory.

- An error when Microsoft browsers improperly access objects in memory.

- An error when Microsoft Windows PDF Library improperly handles objects in
memory.

- An error when Windows Hyper-V on a host server fails to properly validate
input from an authenticated user on a guest operating system.

- An error when Windows Search handles objects in memory.

- An error when Microsoft Hyper-V Network Switch on a host server fails to properly
validate input from a privileged user on a guest operating system.

- An error in the way that the Windows Subsystem for Linux handles NT pipes.

- An error in the way Microsoft browsers handle objects in memory while rendering
content.

- An error when Windows Subsystem for Linux improperly handles objects in memory.

- An error in Microsoft Edge that could allow an attacker to escape from
the AppContainer sandbox in the browser.

- An error when Microsoft Edge does not properly validate JavaScript under
specific conditions..

- An error in the way JavaScript engines render when handling objects in memory
in Microsoft browsers.

- An error when the win32k component improperly provides kernel information and
fails to properly handle objects in memory..

- An error in the way affected Microsoft scripting engines render when handling
objects in memory.

- An error in Remote Desktop Protocol (RDP) when an attacker connects to the target
system using RDP and sends specially crafted requests.

- An error in the Microsoft JET Database Engine that could allow remote code
execution on an affected system.

- An error in Edge how strings are validated in specific scenarios.

- An error in Windows Input Method Editor (IME) when IME improperly handles
parameters in a method of a DCOM class.

- An error in Windows Error Reporting (WER).

- An error in Microsoft Edge as a result of how memory is accessed in code compiled by
the Edge Just-In-Time (JIT) compiler.

- An error when Microsoft Windows improperly handles NetBIOS packets.

- An error when the Chakra scripting engine does not properly handle objects in memory.

- An error when Microsoft Edge does not properly enforce same-origin policies.

Vulnerability Impact:
Successful exploitation will allow an attacker
to gain access to sensitive information, gain the same user rights as the current
user, execute arbitrary code on the host operating system, take control of the
affected system, execute code with elevated permissions, run processes in an
elevated context, cause a denial of service against the local system, cause the
RDP service on the target system to stop responding, read sensitive data from
memory and thereby potentially bypass Address Space Layout Randomization (ASLR),
and bypass security feature.

Affected Software/OS:
Microsoft Windows 10 Version 1703 x32/x64.

Solution:
The vendor has released updates. Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-0174
BugTraq ID: 100038
http://www.securityfocus.com/bid/100038
http://www.securitytracker.com/id/1039109
Common Vulnerability Exposure (CVE) ID: CVE-2017-0250
BugTraq ID: 98100
http://www.securityfocus.com/bid/98100
http://www.securitytracker.com/id/1039090
Common Vulnerability Exposure (CVE) ID: CVE-2017-0293
BugTraq ID: 100039
http://www.securityfocus.com/bid/100039
http://www.securitytracker.com/id/1039092
Common Vulnerability Exposure (CVE) ID: CVE-2017-8503
BugTraq ID: 99395
http://www.securityfocus.com/bid/99395
http://www.securitytracker.com/id/1039101
Common Vulnerability Exposure (CVE) ID: CVE-2017-8591
BugTraq ID: 99430
http://www.securityfocus.com/bid/99430
http://www.securitytracker.com/id/1039097
Common Vulnerability Exposure (CVE) ID: CVE-2017-8593
BugTraq ID: 100032
http://www.securityfocus.com/bid/100032
http://www.securitytracker.com/id/1039105
Common Vulnerability Exposure (CVE) ID: CVE-2017-8620
BugTraq ID: 100034
http://www.securityfocus.com/bid/100034
https://threatpost.com/windows-search-bug-worth-watching-and-squashing/127434/
http://www.securitytracker.com/id/1039091
Common Vulnerability Exposure (CVE) ID: CVE-2017-8622
BugTraq ID: 100040
http://www.securityfocus.com/bid/100040
http://www.securitytracker.com/id/1039103
Common Vulnerability Exposure (CVE) ID: CVE-2017-8623
BugTraq ID: 100042
http://www.securityfocus.com/bid/100042
http://www.securitytracker.com/id/1039104
Common Vulnerability Exposure (CVE) ID: CVE-2017-8624
BugTraq ID: 100061
http://www.securityfocus.com/bid/100061
http://www.securitytracker.com/id/1039106
Common Vulnerability Exposure (CVE) ID: CVE-2017-8627
BugTraq ID: 100065
http://www.securityfocus.com/bid/100065
Common Vulnerability Exposure (CVE) ID: CVE-2017-8633
BugTraq ID: 100069
http://www.securityfocus.com/bid/100069
http://www.securitytracker.com/id/1039102
Common Vulnerability Exposure (CVE) ID: CVE-2017-8634
BugTraq ID: 100043
http://www.securityfocus.com/bid/100043
https://www.exploit-db.com/exploits/42474/
http://www.securitytracker.com/id/1039095
Common Vulnerability Exposure (CVE) ID: CVE-2017-8635
BugTraq ID: 100055
http://www.securityfocus.com/bid/100055
https://www.exploit-db.com/exploits/42471/
http://www.securitytracker.com/id/1039094
Common Vulnerability Exposure (CVE) ID: CVE-2017-8636
BugTraq ID: 100056
http://www.securityfocus.com/bid/100056
https://www.exploit-db.com/exploits/42466/
https://www.exploit-db.com/exploits/42467/
https://www.exploit-db.com/exploits/42468/
https://www.exploit-db.com/exploits/42478/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8637
BugTraq ID: 100045
http://www.securityfocus.com/bid/100045
Common Vulnerability Exposure (CVE) ID: CVE-2017-8638
BugTraq ID: 100049
http://www.securityfocus.com/bid/100049
Common Vulnerability Exposure (CVE) ID: CVE-2017-8639
BugTraq ID: 100050
http://www.securityfocus.com/bid/100050
Common Vulnerability Exposure (CVE) ID: CVE-2017-8640
BugTraq ID: 100051
http://www.securityfocus.com/bid/100051
https://www.exploit-db.com/exploits/42476/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8641
BugTraq ID: 100057
http://www.securityfocus.com/bid/100057
https://www.exploit-db.com/exploits/42465/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8642
BugTraq ID: 100046
http://www.securityfocus.com/bid/100046
Common Vulnerability Exposure (CVE) ID: CVE-2017-8644
BugTraq ID: 100044
http://www.securityfocus.com/bid/100044
https://www.exploit-db.com/exploits/42459/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8645
BugTraq ID: 100052
http://www.securityfocus.com/bid/100052
https://www.exploit-db.com/exploits/42469/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8646
BugTraq ID: 100053
http://www.securityfocus.com/bid/100053
https://www.exploit-db.com/exploits/42470/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8647
BugTraq ID: 100054
http://www.securityfocus.com/bid/100054
Common Vulnerability Exposure (CVE) ID: CVE-2017-8650
BugTraq ID: 100048
http://www.securityfocus.com/bid/100048
Common Vulnerability Exposure (CVE) ID: CVE-2017-8652
BugTraq ID: 100047
http://www.securityfocus.com/bid/100047
https://www.exploit-db.com/exploits/42445/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8653
BugTraq ID: 100059
http://www.securityfocus.com/bid/100059
Common Vulnerability Exposure (CVE) ID: CVE-2017-8655
BugTraq ID: 100027
http://www.securityfocus.com/bid/100027
Common Vulnerability Exposure (CVE) ID: CVE-2017-8656
BugTraq ID: 100033
http://www.securityfocus.com/bid/100033
https://www.exploit-db.com/exploits/42464/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8657
BugTraq ID: 100035
http://www.securityfocus.com/bid/100035
https://www.exploit-db.com/exploits/42481/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8659
BugTraq ID: 100029
http://www.securityfocus.com/bid/100029
Common Vulnerability Exposure (CVE) ID: CVE-2017-8661
BugTraq ID: 100037
http://www.securityfocus.com/bid/100037
Common Vulnerability Exposure (CVE) ID: CVE-2017-8662
BugTraq ID: 100031
http://www.securityfocus.com/bid/100031
Common Vulnerability Exposure (CVE) ID: CVE-2017-8664
BugTraq ID: 100085
http://www.securityfocus.com/bid/100085
http://www.securitytracker.com/id/1039093
Common Vulnerability Exposure (CVE) ID: CVE-2017-8672
BugTraq ID: 100072
http://www.securityfocus.com/bid/100072
Common Vulnerability Exposure (CVE) ID: CVE-2017-8673
BugTraq ID: 100079
http://www.securityfocus.com/bid/100079
http://www.securitytracker.com/id/1039107
Common Vulnerability Exposure (CVE) ID: CVE-2017-8674
BugTraq ID: 100081
http://www.securityfocus.com/bid/100081
Common Vulnerability Exposure (CVE) ID: CVE-2017-8666
BugTraq ID: 100089
http://www.securityfocus.com/bid/100089
Common Vulnerability Exposure (CVE) ID: CVE-2017-8669
BugTraq ID: 100068
http://www.securityfocus.com/bid/100068
Common Vulnerability Exposure (CVE) ID: CVE-2017-8670
BugTraq ID: 100070
http://www.securityfocus.com/bid/100070
https://www.exploit-db.com/exploits/42477/
Common Vulnerability Exposure (CVE) ID: CVE-2017-8671
BugTraq ID: 100071
http://www.securityfocus.com/bid/100071
https://www.exploit-db.com/exploits/42475/
CopyrightCopyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.